Vulmon Recent Vulnerabilities Trends About Contact

Recent vulnerabilities and exploits

3.3
CVSSv2
CVE-2019-5108
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for stations before the required authentication process has completed. This could lead to...
LinuxLinux Kernel
NA
CVE-2019-4580
IBM Resilient OnPrem 33.0 and 34.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 167238....
NA
CVE-2019-4532
IBM Resilient OnPrem 33.0 and 34.0 does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests. IBM X-Force ID: 165588....
NA
CVE-2019-8796
iOS 12.4.3...
NA
CVE-2020-11668
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770....
NA
CVE-2020-8961
An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write operation from an external process. Thus, code injection can be used to turn off this feature. After that, one can construct an event that will modify a...
NA
CVE-2020-7922
X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X.509 authentication, and those who do not use the Operator to generate their...
NA
CVE-2018-21034
In Argo versions prior to v1.5.0-rc1, it was possible for authenticated Argo users to submit API calls to retrieve secrets and other manifests which were stored within git....
NA
CVE-2020-1895
A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128....
NA
CVE-2020-5263
auth0.js (NPM package auth0-js) greater than version 8.0.0 and before version 9.12.3 has a vulnerability. In the case of an (authentication) error, the error object returned by the library contains the original request of the user, which may include the plaintext password the...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-0674arbitrary CVE-2018-21060CVE-2020-1624CVE-2020-1991local file inclusionCVE-2020-10621wirelessCVE-2020-6819googleandroid